CLI always defaults to unecrypted json #5194
Comments
ajorgensen
added a commit
to ajorgensen/bitwarden-clients
that referenced
this issue
Apr 11, 2023
Issue bitwarden#5194: bitwarden#5194 The cli previously would take any value for the export format and default to unencrypted json if it wasn't a supported format. This behavior is a little dangerous because if for instance typed "json_encrypted" instead of "encrypted_json" and naively saved the file you might be surprised to learn the payload was not actually encrypted even though the command completed successfully. This change adds a guard clause when converting the string value passed in via `--format` into the type `ExportFormat` to ensure that the format provided is one of the supported types.
|
Hi there, Thank you for your report! I was able to reproduce this issue, and I have flagged this to our engineering team. We have also noted the PR you have submitted. If you wish to add any further information/screenshots/recordings etc., please feel free to do so at any time - our engineering team will be happy to review these. Thanks once again! |
|
No worries at all. Please feel free to reach out if you need any more information or have any alterations you'd like me to make to the PR. |
djsmith85
pushed a commit
that referenced
this issue
Apr 17, 2023
* Fail on unsupported export format Issue #5194: #5194 The cli previously would take any value for the export format and default to unencrypted json if it wasn't a supported format. This behavior is a little dangerous because if for instance typed "json_encrypted" instead of "encrypted_json" and naively saved the file you might be surprised to learn the payload was not actually encrypted even though the command completed successfully. This change adds a guard clause when converting the string value passed in via `--format` into the type `ExportFormat` to ensure that the format provided is one of the supported types. * Move isSupportedExportFormat to private method
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Steps To Reproduce
bw export --output /tmp/test --format asdfasgas; cat /tmp/testExpected Result
I expect the CLI to return an error saying that the format is invalid. Always defaulting to an unencrypted json blob seems like it could have some consequences. For example, this came up when I put in
--format json_encryptedrather than--format encrypted_json. I was surprised when I opened the json blob to see my data unecrypted.Actual Result
CLI always defaults to raw unecrypted json even if the format provided is giberish.
Screenshots or Videos
No response
Additional Context
No response
Operating System
macOS
Operating System Version
No response
Shell
Zsh
Build Version
2023.3.0
Issue Tracking Info
The text was updated successfully, but these errors were encountered: